This week's articles
Defending Infrastructure as Code in GitHub Enterprise
#ci/cd, #defend
Paper examining a common deployment of infrastructure as code via GitHub Enterprise and HashiCorp Terraform, explores an attack scenario, examines attacker tradecraft within the context of the MITRE ATT&CK framework, and makes recommendations for defensive controls and intrusion detection techniques.
Initial Reaction to AWS Audit Manager
#aws, #explain
AWS Audit Manager is not quite there yet. The intent of the service is clear and you can begin to see the foundation of what this service could be. There are a few gaps that AWS Audit Manager will have to continue to improve upon to make this service usable for its customers.
Learn How To Create Network Policies for Kubernetes
#k8s, #build
Tutorial that will teach you how to create a network policy using the Cilium Editor. It explains basic network policy concepts and guides you through the steps needed to achieve the desired least-privilege security policy.
Wait Conditions in the Kubernetes Provider for HashiCorp Terraform
#terraform, #build
HashiCorp recently improved the wait_for configurations on several resources, as well as introduced an entirely new generic waiter. The new and improved configuration options allow you to specify whether Terraform should wait for a specific condition, or not, before continuing to apply your configuration or complete successfully.
|